[DOCS] Add summary capabilities to the open API specification (#149998)

Lisa Cawley 2023-02-08 08:30:14 -08:00 committed by GitHub
parent 5f43b49df3
commit 903173dff1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 345 additions and 105 deletions


@ -119,6 +119,7 @@ Any modifications made to this file will be overwritten.
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"running" : true,
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
@ -141,12 +142,24 @@ Any modifications made to this file will be overwritten.
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
} ],
"consumer" : "alerts"
@ -402,6 +415,7 @@ Any modifications made to this file will be overwritten.
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"running" : true,
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
@ -424,12 +438,24 @@ Any modifications made to this file will be overwritten.
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
} ],
"consumer" : "alerts"
@ -455,6 +481,7 @@ Any modifications made to this file will be overwritten.
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"running" : true,
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
@ -477,12 +504,24 @@ Any modifications made to this file will be overwritten.
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
} ],
"consumer" : "alerts"
@ -638,6 +677,7 @@ Any modifications made to this file will be overwritten.
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"running" : true,
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
@ -660,12 +700,24 @@ Any modifications made to this file will be overwritten.
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
} ],
"consumer" : "alerts"
@ -1983,6 +2035,7 @@ Any modifications made to this file will be overwritten.
"muted_alert_ids" : [ "muted_alert_ids", "muted_alert_ids" ],
"rule_type_id" : "monitoring_alert_cluster_health",
"tags" : [ "tags", "tags" ],
"running" : true,
"api_key_owner" : "elastic",
"schedule" : {
"interval" : "1m"
@ -2005,12 +2058,24 @@ Any modifications made to this file will be overwritten.
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
}, {
"id" : "9dca3e00-74f5-11ed-9801-35303b735aef",
"params" : {
"key" : ""
},
"connector_type_id" : ".server-log",
"frequency" : {
"summary" : true,
"throttle" : "10m",
"notify_when" : "onActiveAlert"
},
"group" : "default"
} ],
"consumer" : "alerts"
@ -2049,6 +2114,7 @@ Any modifications made to this file will be overwritten.
<li><a href="#Legacy_update_alert_request_properties_actions_inner"><code>Legacy_update_alert_request_properties_actions_inner</code> - </a></li>
<li><a href="#Legacy_update_alert_request_properties_schedule"><code>Legacy_update_alert_request_properties_schedule</code> - </a></li>
<li><a href="#actions_inner"><code>actions_inner</code> - </a></li>
<li><a href="#actions_inner_frequency"><code>actions_inner_frequency</code> - </a></li>
<li><a href="#alert_response_properties"><code>alert_response_properties</code> - Legacy alert response properties</a></li>
<li><a href="#alert_response_properties_executionStatus"><code>alert_response_properties_executionStatus</code> - </a></li>
<li><a href="#alert_response_properties_schedule"><code>alert_response_properties_schedule</code> - </a></li>
@ -2177,11 +2243,22 @@ Any modifications made to this file will be overwritten.
<h3><a name="actions_inner"><code>actions_inner</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
<div class="field-items">
<div class="param">group (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The group name for the actions. If you don't need to group actions, set to <code>default</code>. </div>
<div class="param">connector_type_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. This property appears in responses but cannot be set in requests. </div>
<div class="param">frequency (optional)</div><div class="param-desc"><span class="param-type"><a href="#actions_inner_frequency">actions_inner_frequency</a></span> </div>
<div class="param">group (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The group name for the actions. If you don't need to group actions, set to <code>default</code>. </div>
<div class="param">id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the connector saved object. </div>
<div class="param">params (optional)</div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the action, which are sent to the connector. The <code>params</code> are handled as Mustache templates and passed a default set of context. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="actions_inner_frequency"><code>actions_inner_frequency</code> - </a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'>The parameters that affect how often actions are generated. NOTE: You cannot specify these parameters when <code>notify_when</code> or <code>throttle</code> are defined at the rule level.</div>
<div class="field-items">
<div class="param">notify_when </div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">summary </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the action is a summary. </div>
<div class="param">throttle (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if <code>notify_when</code> is set to <code>onThrottleInterval</code>. It is specified in seconds, minutes, hours, or days. </div>
</div> <!-- field-items -->
</div>
<div class="model">
<h3><a name="alert_response_properties"><code>alert_response_properties</code> - Legacy alert response properties</a> <a class="up" href="#__Models">Up</a></h3>
<div class='model-description'></div>
@ -2230,7 +2307,7 @@ Any modifications made to this file will be overwritten.
<div class="param">consumer </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the application or feature that owns the rule. For example: <code>alerts</code>, <code>apm</code>, <code>discover</code>, <code>infrastructure</code>, <code>logs</code>, <code>metrics</code>, <code>ml</code>, <code>monitoring</code>, <code>securitySolution</code>, <code>siem</code>, <code>stackAlerts</code>, or <code>uptime</code>. </div>
<div class="param">enabled (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether you want to run the rule on an interval basis after it is created. </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the rule. While this name does not have to be unique, a distinctive name can help you identify a rule. </div>
<div class="param">notify_when </div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">notify_when (optional)</div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">params </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the rule. </div>
<div class="param">rule_type_id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The ID of the rule type that you want to call when the rule is scheduled to run. For example, <code>.es-query</code>, <code>.index-threshold</code>, <code>logs.alert.document.count</code>, <code>monitoring_alert_cluster_health</code>, <code>siem.thresholdRule</code>, or <code>xpack.ml.anomaly_detection_alert</code>. </div>
<div class="param">schedule </div><div class="param-desc"><span class="param-type"><a href="#schedule">schedule</a></span> </div>
@ -2537,9 +2614,10 @@ Any modifications made to this file will be overwritten.
<div class="param">mute_all </div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the rule. </div>
<div class="param">next_run (optional)</div><div class="param-desc"><span class="param-type"><a href="#DateTime">Date</a></span> format: date-time</div>
<div class="param">notify_when </div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">notify_when (optional)</div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">params </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the rule. </div>
<div class="param">rule_type_id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The identifier for the type of rule. For example, <code>.es-query</code>, <code>.index-threshold</code>, <code>logs.alert.document.count</code>, <code>monitoring_alert_cluster_health</code>, <code>siem.thresholdRule</code>, or <code>xpack.ml.anomaly_detection_alert</code>. </div>
<div class="param">running (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> Indicates whether the rule is running. </div>
<div class="param">schedule </div><div class="param-desc"><span class="param-type"><a href="#schedule">schedule</a></span> </div>
<div class="param">scheduled_task_id (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> </div>
<div class="param">tags </div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The tags for the rule. </div>
@ -2590,7 +2668,7 @@ Any modifications made to this file will be overwritten.
<div class="field-items">
<div class="param">actions (optional)</div><div class="param-desc"><span class="param-type"><a href="#actions_inner">array[actions_inner]</a></span> </div>
<div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The name of the rule. </div>
<div class="param">notify_when </div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">notify_when (optional)</div><div class="param-desc"><span class="param-type"><a href="#notify_when">notify_when</a></span> </div>
<div class="param">params </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> The parameters for the rule. </div>
<div class="param">schedule </div><div class="param-desc"><span class="param-type"><a href="#schedule">schedule</a></span> </div>
<div class="param">tags (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">array[String]</a></span> The tags for the rule. </div>


@ -2500,6 +2500,23 @@
}
},
"schemas": {
"notify_when": {
"type": "string",
"description": "Indicates how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.\n",
"enum": [
"onActionGroupChange",
"onActiveAlert",
"onThrottleInterval"
],
"example": "onActiveAlert"
},
"throttle": {
"type": "string",
"description": "The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.",
"nullable": true,
"default": null,
"example": "10m"
},
"actions": {
"type": "array",
"default": [],
@ -2512,6 +2529,32 @@
"items": {
"type": "object",
"properties": {
"connector_type_id": {
"type": "string",
"description": "The type of connector. This property appears in responses but cannot be set in requests.",
"example": ".server-log",
"readOnly": true
},
"frequency": {
"type": "object",
"description": "The parameters that affect how often actions are generated. NOTE: You cannot specify these parameters when `notify_when` or `throttle` are defined at the rule level.\n",
"required": [
"notify_when",
"summary"
],
"properties": {
"notify_when": {
"$ref": "#/components/schemas/notify_when"
},
"summary": {
"type": "boolean",
"description": "Indicates whether the action is a summary."
},
"throttle": {
"$ref": "#/components/schemas/throttle"
}
}
},
"group": {
"type": "string",
"description": "The group name for the actions. If you don't need to group actions, set to `default`.",
@ -2530,16 +2573,6 @@
}
}
},
"notify_when": {
"type": "string",
"description": "Indicates how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.\n",
"enum": [
"onActionGroupChange",
"onActiveAlert",
"onThrottleInterval"
],
"example": "onActiveAlert"
},
"schedule": {
"type": "object",
"description": "The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.",
@ -2558,13 +2591,6 @@
},
"default": []
},
"throttle": {
"type": "string",
"description": "The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.",
"nullable": true,
"default": null,
"example": "10m"
},
"rule_response_properties": {
"title": "Rule response properties",
"type": "object",
@ -2580,7 +2606,6 @@
"mute_all",
"muted_alert_ids",
"name",
"notify_when",
"params",
"rule_type_id",
"schedule",
@ -2714,6 +2739,10 @@
"description": "The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.\n",
"example": "monitoring_alert_cluster_health"
},
"running": {
"type": "boolean",
"description": "Indicates whether the rule is running."
},
"schedule": {
"$ref": "#/components/schemas/schedule"
},
@ -2792,7 +2821,6 @@
"type": "object",
"required": [
"name",
"notify_when",
"params",
"schedule"
],
@ -2831,7 +2859,6 @@
"required": [
"consumer",
"name",
"notify_when",
"params",
"rule_type_id",
"schedule"
@ -3064,30 +3091,42 @@
"update_rule_request": {
"summary": "Update an index threshold rule.",
"value": {
"notify_when": "onActionGroupChange",
"actions": [
{
"frequency": {
"summary": false,
"notify_when": "onActionGroupChange"
},
"group": "threshold met",
"id": "96b668d0-a1b6-11ed-afdf-d39a49596974",
"params": {
"level": "info",
"message": "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
}
}
],
"params": {
"aggField": "sheet.version",
"aggType": "avg",
"index": [
".test-index"
],
"timeField": "@timestamp",
"groupBy": "top",
"aggType": "avg",
"timeWindowSize": 5,
"timeWindowUnit": "m",
"thresholdComparator": ">",
"termField": "name.keyword",
"termSize": 6,
"threshold": [
1000
],
"aggField": "sheet.version",
"termField": "name.keyword",
"termSize": 6
"thresholdComparator": ">",
"timeField": "@timestamp",
"timeWindowSize": 5,
"timeWindowUnit": "m"
},
"name": "new name",
"schedule": {
"interval": "1m"
},
"actions": [],
"tags": [],
"name": "new name",
"throttle": null
}
},
@ -3100,8 +3139,9 @@
"name": "new name",
"enabled": true,
"throttle": null,
"running": false,
"schedule": {
"interval": "1m"
"interval": "10m"
},
"params": {
"index": [
@ -3125,17 +3165,31 @@
"updated_by": "elastic",
"rule_type_id": ".index-threshold",
"scheduled_task_id": "4c5eda00-e74f-11ec-b72f-5b18752ff9ea",
"created_at": "2022-12-12T22:43:20.578Z",
"updated_at": "2022-12-12T22:44:21.783Z",
"notify_when": "onActionGroupChange",
"created_at": "2023-01-31T23:03:33.127Z",
"updated_at": "2023-01-31T23:55:27.314Z",
"mute_all": false,
"muted_alert_ids": [],
"execution_status": {
"status": "ok",
"last_execution_date": "2022-12-12T22:43:21.723Z",
"last_duration": 125
"last_execution_date": "2023-01-31T23:48:42.499Z",
"last_duration": 52
},
"actions": [],
"actions": [
{
"group": "threshold met",
"params": {
"level": "info",
"message": "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}"
},
"id": "96b668d0-a1b6-11ed-afdf-d39a49596974",
"connector_type_id": ".server-log",
"frequency": {
"summary": false,
"throttle": null,
"notify_when": "onActionGroupChange"
}
}
],
"last_run": {
"alerts_count": {
"new": 0,
@ -3147,7 +3201,7 @@
"warning": null,
"outcome": "succeeded"
},
"next_run": "2022-12-12T22:44:21.653Z"
"next_run": "2023-01-31T23:49:42.432Z"
}
},
"create_rule_request": {
@ -3156,6 +3210,10 @@
"actions": [
{
"id": "dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2",
"frequency": {
"notify_when": "onActionGroupChange",
"summary": false
},
"group": "threshold met",
"params": {
"level": "info",
@ -3165,7 +3223,6 @@
],
"consumer": "alerts",
"name": "my rule",
"notify_when": "onActionGroupChange",
"params": {
"aggType": "avg",
"termSize": 6,
@ -3199,6 +3256,11 @@
{
"group": "threshold met",
"id": "dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2",
"frequency": {
"notify_when": "onActionGroupChange",
"summary": false,
"throttle": null
},
"params": {
"level": "info",
"message": "alert {{alertName}} is active for group {{context.group} :\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
@ -3237,6 +3299,7 @@
"termField": "name.keyword"
},
"rule_type_id": ".index-threshold",
"running": false,
"schedule": {
"interval": "1m"
},
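Review bot: The `message` template in the `actions` entry that appears to be added to the update-rule response example ends with `{{context.date}`, one closing brace short, so the example no longer shows a well-formed Mustache tag; it should end `- Timestamp: {{context.date}}`, as the update-rule request example's message does. The same string appears in the YAML copy of this example and in the standalone response example file further down the page, so all three need the fix. The create-rule response example a few hunks below carries a similar `{{context.group} :` on what looks like an unchanged line, which could be corrected in the same pass. Since the schema says `params` are handled as Mustache templates, a reader who copies the example into a rule may end up with a notification whose timestamp is not rendered as intended.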


@ -1583,6 +1583,21 @@ components:
type: string
example: ac4e6b90-6be7-11eb-ba0d-9b1c1f912d74
schemas:
notify_when:
type: string
description: |
Indicates how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.
enum:
- onActionGroupChange
- onActiveAlert
- onThrottleInterval
example: onActiveAlert
throttle:
type: string
description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.
nullable: true
default: null
example: 10m
actions:
type: array
default: []
@ -1594,6 +1609,26 @@ components:
items:
type: object
properties:
connector_type_id:
type: string
description: The type of connector. This property appears in responses but cannot be set in requests.
example: .server-log
readOnly: true
frequency:
type: object
description: |
The parameters that affect how often actions are generated. NOTE: You cannot specify these parameters when `notify_when` or `throttle` are defined at the rule level.
required:
- notify_when
- summary
properties:
notify_when:
$ref: '#/components/schemas/notify_when'
summary:
type: boolean
description: Indicates whether the action is a summary.
throttle:
$ref: '#/components/schemas/throttle'
group:
type: string
description: The group name for the actions. If you don't need to group actions, set to `default`.
@ -1606,15 +1641,6 @@ components:
type: object
description: The parameters for the action, which are sent to the connector. The `params` are handled as Mustache templates and passed a default set of context.
additionalProperties: true
notify_when:
type: string
description: |
Indicates how often alerts generate actions. Valid values include: `onActionGroupChange`: Actions run when the alert status changes; `onActiveAlert`: Actions run when the alert becomes active and at each check interval while the rule conditions are met; `onThrottleInterval`: Actions run when the alert becomes active and at the interval specified in the throttle property while the rule conditions are met.
enum:
- onActionGroupChange
- onActiveAlert
- onThrottleInterval
example: onActiveAlert
schedule:
type: object
description: The check interval, which specifies how frequently the rule conditions are checked. The interval is specified in seconds, minutes, hours, or days.
@ -1628,12 +1654,6 @@ components:
items:
type: string
default: []
throttle:
type: string
description: The throttle interval, which defines how often an alert generates repeated actions. It is applicable only if `notify_when` is set to `onThrottleInterval`. It is specified in seconds, minutes, hours, or days.
nullable: true
default: null
example: 10m
rule_response_properties:
title: Rule response properties
type: object
@ -1649,7 +1669,6 @@ components:
- mute_all
- muted_alert_ids
- name
- notify_when
- params
- rule_type_id
- schedule
@ -1752,6 +1771,9 @@ components:
description: |
The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.
example: monitoring_alert_cluster_health
running:
type: boolean
description: Indicates whether the rule is running.
schedule:
$ref: '#/components/schemas/schedule'
scheduled_task_id:
@ -1808,7 +1830,6 @@ components:
type: object
required:
- name
- notify_when
- params
- schedule
properties:
@ -1837,7 +1858,6 @@ components:
required:
- consumer
- name
- notify_when
- params
- rule_type_id
- schedule
@ -2020,26 +2040,38 @@ components:
update_rule_request:
summary: Update an index threshold rule.
value:
notify_when: onActionGroupChange
actions:
- frequency:
summary: false
notify_when: onActionGroupChange
group: threshold met
id: 96b668d0-a1b6-11ed-afdf-d39a49596974
params:
level: info
message: |-
alert {{alertName}} is active for group {{context.group}}:
- Value: {{context.value}}
- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}
- Timestamp: {{context.date}}
params:
aggField: sheet.version
aggType: avg
index:
- .test-index
timeField: '@timestamp'
groupBy: top
aggType: avg
timeWindowSize: 5
timeWindowUnit: m
thresholdComparator: '>'
threshold:
- 1000
aggField: sheet.version
termField: name.keyword
termSize: 6
threshold:
- 1000
thresholdComparator: '>'
timeField: '@timestamp'
timeWindowSize: 5
timeWindowUnit: m
name: new name
schedule:
interval: 1m
actions: []
tags: []
name: new name
throttle: null
update_rule_response:
summary: The update rule API returns a JSON object that contains details about the rule.
@ -2050,8 +2082,9 @@ components:
name: new name
enabled: true
throttle: null
running: false
schedule:
interval: 1m
interval: 10m
params:
index:
- .updated-index
@ -2071,16 +2104,30 @@ components:
updated_by: elastic
rule_type_id: .index-threshold
scheduled_task_id: 4c5eda00-e74f-11ec-b72f-5b18752ff9ea
created_at: '2022-12-12T22:43:20.578Z'
updated_at: '2022-12-12T22:44:21.783Z'
notify_when: onActionGroupChange
created_at: '2023-01-31T23:03:33.127Z'
updated_at: '2023-01-31T23:55:27.314Z'
mute_all: false
muted_alert_ids: []
execution_status:
status: ok
last_execution_date: '2022-12-12T22:43:21.723Z'
last_duration: 125
actions: []
last_execution_date: '2023-01-31T23:48:42.499Z'
last_duration: 52
actions:
- group: threshold met
params:
level: info
message: |-
alert {{alertName}} is active for group {{context.group}}:
- Value: {{context.value}}
- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}
- Timestamp: {{context.date}
id: 96b668d0-a1b6-11ed-afdf-d39a49596974
connector_type_id: .server-log
frequency:
summary: false
throttle: null
notify_when: onActionGroupChange
last_run:
alerts_count:
new: 0
@ -2090,12 +2137,15 @@ components:
outcome_msg: null
warning: null
outcome: succeeded
next_run: '2022-12-12T22:44:21.653Z'
next_run: '2023-01-31T23:49:42.432Z'
create_rule_request:
summary: Create an index threshold rule.
value:
actions:
- id: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2
frequency:
notify_when: onActionGroupChange
summary: false
group: threshold met
params:
level: info
@ -2107,7 +2157,6 @@ components:
- Timestamp: {{context.date}}
consumer: alerts
name: my rule
notify_when: onActionGroupChange
params:
aggType: avg
termSize: 6
@ -2133,6 +2182,10 @@ components:
actions:
- group: threshold met
id: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2
frequency:
notify_when: onActionGroupChange
summary: false
throttle: null
params:
level: info
message: |-
@ -2169,6 +2222,7 @@ components:
aggField: sheet.version
termField: name.keyword
rule_type_id: .index-threshold
running: false
schedule:
interval: 1m
scheduled_task_id: 425b0800-6bca-11eb-9e0d-85d233e3ee35
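Review bot: After this change a rule body with no `notify_when` at either level still validates against the spec: `notify_when` leaves the `required` lists of what appear to be the create and update request schemas, and the new `frequency` object under the `actions` items is itself optional. The `frequency` description states only the exclusion (`You cannot specify these parameters when notify_when or throttle are defined at the rule level`), which is prose the schema does not enforce, and it does not say what applies when neither level sets them. For an alerting rule that matters, because a client generated from this spec can submit a rule whose notification cadence is undefined as far as the contract goes. I would extend the description with one sentence naming the fallback, for example `If frequency is omitted, the rule-level notify_when and throttle apply.` if that is what the server does, and mirror it in the JSON bundle and the standalone actions schema.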


@ -2,13 +2,15 @@ summary: Create an index threshold rule.
value:
actions:
- id: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2
frequency:
notify_when: onActionGroupChange
summary: false
group: threshold met
params:
level: info
message: "alert '{{alertName}}' is active for group '{{context.group}}':\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
consumer: alerts
name: my rule
notify_when: onActionGroupChange
params:
aggType: avg
termSize: 6


@ -3,6 +3,10 @@ value:
actions:
- group: threshold met
id: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2
frequency:
notify_when: onActionGroupChange
summary: false
throttle: null
params:
level: info
message: "alert {{alertName}} is active for group {{context.group} :\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
@ -34,6 +38,7 @@ value:
aggField: sheet.version
termField: name.keyword
rule_type_id: .index-threshold
running: false
schedule:
interval: 1m
scheduled_task_id: 425b0800-6bca-11eb-9e0d-85d233e3ee35


@ -1,21 +1,28 @@
summary: Update an index threshold rule.
value:
notify_when: onActionGroupChange
actions:
- frequency:
summary: false
notify_when: onActionGroupChange
group: threshold met
id: 96b668d0-a1b6-11ed-afdf-d39a49596974
params:
level: info
message: "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}}"
params:
index: [".test-index"]
timeField: "@timestamp"
groupBy: top
aggType: avg
timeWindowSize: 5
timeWindowUnit: m
thresholdComparator: ">"
threshold: [1000]
aggField: sheet.version
aggType: avg
index: [".test-index"]
groupBy: top
termField: name.keyword
termSize: 6
threshold: [1000]
thresholdComparator: ">"
timeField: "@timestamp"
timeWindowSize: 5
timeWindowUnit: m
name: new name
schedule:
interval: 1m
actions: []
tags: []
name: new name
throttle: null
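Review bot: The update-rule request example still ends with a rule-level `throttle: null` while its action now carries a `frequency` block, which sits awkwardly beside the schema note that these parameters cannot be specified when `notify_when` or `throttle` are defined at the rule level. Whether an explicit `null` counts as "defined" is not visible from this page. If it does not, a comment above the line such as `# null: no rule-level throttle; cadence comes from actions[].frequency` would say so; if it does, the line should be dropped from the example. The bundled JSON and YAML copies of this example carry the same line.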


@ -6,8 +6,9 @@ value:
name: new name
enabled: true
throttle: null
running: false
schedule:
interval: 1m
interval: 10m
params:
index: [".updated-index"]
timeField: "@timestamp"
@ -25,16 +26,25 @@ value:
updated_by: elastic
rule_type_id: .index-threshold
scheduled_task_id: 4c5eda00-e74f-11ec-b72f-5b18752ff9ea
created_at: '2022-12-12T22:43:20.578Z'
updated_at: '2022-12-12T22:44:21.783Z'
notify_when: onActionGroupChange
created_at: '2023-01-31T23:03:33.127Z'
updated_at: '2023-01-31T23:55:27.314Z'
mute_all: false
muted_alert_ids: []
execution_status:
status: ok
last_execution_date: '2022-12-12T22:43:21.723Z'
last_duration: 125
actions: []
last_execution_date: '2023-01-31T23:48:42.499Z'
last_duration: 52
actions:
- group: threshold met
params:
level: info
message: "alert {{alertName}} is active for group {{context.group}}:\n\n- Value: {{context.value}}\n- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}\n- Timestamp: {{context.date}"
id: 96b668d0-a1b6-11ed-afdf-d39a49596974
connector_type_id: .server-log
frequency:
summary: false
throttle: null
notify_when: onActionGroupChange
last_run:
alerts_count:
new: 0
@ -44,4 +54,4 @@ value:
outcome_msg: null
warning: null
outcome: succeeded
next_run: '2022-12-12T22:44:21.653Z'
next_run: '2023-01-31T23:49:42.432Z'


@ -8,6 +8,27 @@ nullable: true
items:
type: object
properties:
connector_type_id:
type: string
description: The type of connector. This property appears in responses but cannot be set in requests.
example: .server-log
readOnly: true
frequency:
type: object
description: >
The parameters that affect how often actions are generated.
NOTE: You cannot specify these parameters when `notify_when` or `throttle` are defined at the rule level.
required:
- notify_when
- summary
properties:
notify_when:
$ref: 'notify_when.yaml'
summary:
type: boolean
description: Indicates whether the action is a summary.
throttle:
$ref: 'throttle.yaml'
group:
type: string
description: The group name for the actions. If you don't need to group actions, set to `default`.


@ -5,7 +5,6 @@ type: object
required:
- consumer
- name
- notify_when
- params
- rule_type_id
- schedule


@ -12,7 +12,6 @@ required:
- mute_all
- muted_alert_ids
- name
- notify_when
- params
- rule_type_id
- schedule
@ -115,6 +114,9 @@ properties:
description: >
The identifier for the type of rule. For example, `.es-query`, `.index-threshold`, `logs.alert.document.count`, `monitoring_alert_cluster_health`, `siem.thresholdRule`, or `xpack.ml.anomaly_detection_alert`.
example: monitoring_alert_cluster_health
running:
type: boolean
description: Indicates whether the rule is running.
schedule:
$ref: 'schedule.yaml'
scheduled_task_id:


@ -4,7 +4,6 @@ description: >-
type: object
required:
- name
- notify_when
- params
- schedule
properties: